إرسال #745514: yeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controlsالمعلومات

عنوانyeqifu warehouse latest(git commit aaf29962ba407d22d991781de28796ee7b4670e4) Improper Access Controls
الوصفMenu create/update/delete endpoints have no authorization checks. Attackers can alter the UI navigation tree, hide critical functions from legitimate users, or expose admin functions to unauthorized users if the frontend relies on menu visibility as a security boundary.
المصدر⚠️ https://github.com/yeqifu/warehouse/issues/56
المستخدم
 AliceS614 (UID 94277)
ارسال23/01/2026 10:46 AM (5 أشهر منذ)
الاعتدال06/02/2026 08:57 AM (14 days later)
الحالةتمت الموافقة
إدخال VulDB344645 [yeqifu warehouse حتى aaf29962ba407d22d991781de28796ee7b4670e4 Menu Management MenuController.java addMenu/updateMenu/deleteMenu تجاوز الصلاحيات]
النقاط17

التالي نظرة عامة السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!